File http-php-version
Script types:
portrule
Categories:
discovery, safe
Download: http://nmap.org/svn/scripts/http-php-version.nse
User Summary
Attempts to retrieve the PHP version from a web server. PHP has a number of magic queries that return images or text that can vary with the PHP version. This script uses the following queries:
/?=PHPE9568F36-D428-11d2-A769-00AA001ACF42: gets a GIF logo, which changes on April Fool's Day./?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: gets an HTML credits page.
A list of magic queries is at http://www.0php.com/php_easter_egg.php.
The script also checks if any header field value starts with
"PHP" and reports that value if found.
Link:
Script Arguments
smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername
See the documentation for the smbauth library.http.max-cache-size, http.max-pipeline, http.pipeline, http.useragent
See the documentation for the http library.Example Usage
nmap -sV --script=http-php-version <target>
Script Output
PORT STATE SERVICE REASON 80/tcp open http syn-ack | http-php-version: Versions from logo query (less accurate): 4.3.11, 4.4.0 - 4.4.4, 4.4.9, 5.0.5-2ubuntu1.1, 5.0.5-pl3-gentoo, 5.1.0 - 5.1.2 | Versions from credits query (more accurate): 5.0.5 |_Version from header x-powered-by: PHP/5.0.5
Requires
Author: Ange Gutek, Rob Nicholls
License: Same as Nmap--See http://nmap.org/book/man-legal.html